Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #DON'T FORGET TO EDIT THE FUNCTION NAME INTO SOMETHING MEANINGFUL TO YOU
- Function My-DisableAccount{
- <#
- .SYNOPSIS
- Disables Active Directory Account of User
- .DESCRIPTION
- Disables AD Account, hides email address from Global Address list, if an email is present, and gives manager access to user mailbox if a Manager is assigned in AD
- .PARAMETER UserName
- The name of the user to disable
- .EXAMPLE
- .\My-DisableAccount [Username]
- #>
- [CmdletBinding()]
- Param(
- [Parameter(Mandatory=$true)]
- [String]$Username
- )
- #Disables AD UserAccount
- Set-ADUser $Username -Enabled $false
- #Changes Userpassword
- Set-ADAccountPassword -Identity $Username -NewPassword (ConvertTo-SecureString -AsPlainText "Password" -Force)
- Write-Host "The Account, $Username, has been disabled and the password has been changed"
- #Imports session to Exchange server to enable remote management
- $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri http://[FQDN of Exchange Server]/PowerShell/ -Authentication Kerberos -WarningAction:SilentlyContinue
- Import-PSSession $Session
- #Checks for Mailbox assigned to user
- $EmailAddress = Get-Mailbox -Identity $Username
- If ($EmailAddress -eq $null)
- {
- Write-Host "The error occurred because $username does not have a mailbox"
- Get-PSSession | Remove-PSSession -WarningAction:SilentlyContinue
- }
- else
- {
- #Checks for assigned manager to user
- $Manager = (Get-Aduser (Get-Aduser -identity $Username -Properties Manager | Select-Object Manager).Manager).samAccountName
- IF ($Manager -eq $Null)
- {
- Write-host "The above error occured because $username does not have a manager assigned"
- #Hides user from GAL
- Set-Mailbox -Identity $Username -HiddenFromAddressListsEnabled $true
- Write-Host "The mailbox for, $Username, has been hidden from Exchange Lists"
- #Removes remote session to exchange server
- Get-PSSession | Remove-PSSession -WarningAction:SilentlyContinue
- }
- else
- {
- #Hides user from GAL
- Set-Mailbox -Identity $Username -HiddenFromAddressListsEnabled $true
- #Grants manager access to user mailbox
- Add-MailboxPermission -Identity $Username -User $Manager -AccessRights Fullaccess -InheritanceType all
- Write-Host "The maillbox for $Username has been hidden from Exchange Lists and $Manager has full access to the Mailbox"
- #Removes remote session to exchange server
- Get-PSSession | Remove-PSSession -WarningAction:SilentlyContinue
- }
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement